Setup Intranet for Firewall Analyzer


    Firewall Analyzer includes the option to specify networks, or a range of IP addresses to identify machines behind a firewall. This setup is identified as the Intranet. By adding the machines or IP addresses that are located within your network (LAN), you can identify and distinguish between traffic that is generated within your network, and traffic that is coming from, or destined outside your network.

    Click the Settings > Firewall > Admin > Intranet page to view the defined intranet. The Intranet page contains the 'Configure all devices' link menu option. It lists all the devices that have been configured to send their logs to Firewall Analyzer for analysis. The table in the page lists the Device Name (names of the devices being monitored), Intranet Setting (the IP Network, IP Range, IP Address).

    Click the 'Configure all devices' link menu option to set the intranet for all the devices. Click the each listed firewall, would enable you to configure the (intranet) private Network or IP Range or IP Address for each firewall.

    The Configure Intranet page opens up. There is a provision to configure intranet for individual device, a group of devices, and all the devices. 

    Select the devices, for which you want to define the Intranet. All the available devices are listed in the Available Device(s) list. Select the devices and click right arrow. The selected devices are moved to the Selected Device(s) list. If you want to remove any device from the Selected Device(s) list, select the devices and click left arrow. The removed devices will be moved back to the Available Device(s) list.

    Select a group of devices. You can also select a single device or all the devices from this screen. Click Save button to complete the device selection and click Cancel button to cancel the selection.

    • To designate an entire IP network as an Intranet, select IP Network from the list, and enter the network IP address and the corresponding Net Mask value.
    • To include a single host in the Intranet, select IP Address from the list, and enter the IP address of the host.
    • To designate a range of IP address as the Intranet, select IP Range from the list, and enter the starting IP address and the ending IP address and enter the network IP address and the corresponding Net Mask value.

    You can specify multiple intranet by clicking the Add More button and remove the additional intranet with Delete button.

    Note:‚Äč

    Try to give minimum ranges/networks as much as possible.

    For Example : If you have three private IP Network (say) 10.8.0.0, 10.9.0.0, and 10.10.0.0, each with Net Mask: 255.255.0.0, then instead of adding them separately, we would recommend you to give the entire private IP network : 10.0.0.0 with Net Mask 255.0.0.0, as this would improve the performance of Firewall Analyzer. The same is recommended for IP Range also, where you can mention Start IP: 10.0.0.0, End IP: 10.255.255.255 and this is applicable to Class B & Class C networks also.

    For instance, if your are a MSSP (Managed Security Service Provider) who is monitoring firewalls of different client networks at different locations and all your clients could possibly end up with the same (intranet) private Network or IP Range or IP Address, then Configure all devices would serve the purpose of applying the common configuration across All Devices.

    Once you are done, click Save to activate the new settings and click Cancel button to cancel the operation.